Joined: Sat Aug 02, 2008 8:00 am
Posts: 147
|
|
When using an IFRAME on the page and defining the src of the contents of the IFRAME to be from another server hostname:port and then trying to access the contents of the IFRAME using the contentwindow or the contentdocument properties you get the permission denied error.
The reason is that for security issues the latest Internet browsers blocked the access to the DOM objects that are returned from locations that are not the same as the location of the containing page and this is called "The Same Origin Policy"
I Examined the returned DOM myself using firebug and found that the returned contentwindow and contentdocument are appearing to be empty for firebug.
After searching online I found 2 approaches described as solution for this problem
the first approach is to change the document.domain property in either the containing or the contained pages
this claims that the browser will validate the same origin policy based on the domain property
although the mozilla website says that firefox validates the same origin based n the hotstname and the port and that changing the document.domain will erase this error I found that changing the document.domain did not fix the problem.
The other approach is using AJAX to query the contents and using a proxy to pass this request I found that this solution is costy to set up a proxy just for this purpose.
I tried another approach by changing the header of the returned response from the contained page using the response.setHeader method to set the host header to the hostname and port of the containing page and that did not work as well
finally I found there is no escape from having both pages to be served on the same server (hostname and port)
If anyone could find a solution for this problem please prompt and share it
Thanks
_________________
Muhammad Safwat Fuad
The Java Code Admin
Java Technical Lead.
Mobile: +2010-2942-538
Email:mtv134@yahoo.com
|
|
